<?php

	//no calling this file by itself
	if (eregi("cmsAuthenticate.php", $_SERVER['PHP_SELF'])) {
		redirectCleanly("/");
	}

	$regglobs = ini_get('register_globals');	
	if ($regglobs){
		die ("TURN OFF REGISTER GLOBALS DIMWIT!!!!");
	}
	
	require_once("cmsBasePaths.php");
	
	//now we need to fangle the include paths.. 
	// $_SERVER['HTTP_HOST'] = "www." . $_SERVER['HTTP_HOST'];
	if (strpos($_SERVER['HTTP_HOST'],"www.") !== false) {
		$base_host = substr($_SERVER['HTTP_HOST'],4);
		
	} else {
		$base_host = $_SERVER['HTTP_HOST'];
	}
	
	$_SERVER['HTTP_HOST'] = $base_host;

	$siteConfigPath = CMS_CORE_SITEBASE . $_SERVER['HTTP_HOST'] . "/htdocs/site/config";
	

	ini_set('include_path', ini_get('include_path'). ":" .$siteConfigPath );
	
	//standard includes
	require_once("cmsConfig.php");
		
	session_start();
	
	
	$error = 0;

	$authInfo = extractObjectWithKeyFromArray('authInfo', $_SESSION);
	$rememberme = extractStringWithKeyFromArray('rememberme', $_REQUEST);
	
	if (!is_null($authInfo)) {	
		if (!key_exists('sessionip',$authInfo) || $authInfo->sessionip != $_SERVER['REMOTE_ADDR']){
			$authInfo = null;
			session_destroy();
			session_start();

		}
	}

		
	if (is_null( $authInfo ) ) {
		header("content-type: application/json", true);
		session_destroy();// also add cookie vapouriser
		echo json_encode( array());
		die();
	}